package com.roubsite.sso.utils;

import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;


public class SignData {
	public static String privateKey = "MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAKCSPg2uHuK/2WJdAAW6qe7E0WUsFbhfScXSAfWkdcZRkc34D5SY3VhSl2ewpADLL2NRzXqPBZZDugNNK8eQDIgFgxhbJUT/kwO+hRW+pHPiqezNV3NsTLHIYlOKGBr7h/4UNwyI4xqs/W7hoGXjpC/mlnZtePb9KFNtFwXgQrDVAgMBAAECgYEAlM0RfmH2s1DwpevjQmvqYJ+6INTKyBJd7lmggUBH+GHNCZ+w6JcEwH3BW1Dhmu6wWo0LK2Fw3wCiV77jLEu8n7Ua8sDmzUejgQuElk9XZm0g7P4qo5+X1PyU+mHNYWYlOti8/gIxGtRK4jfZggODFiiYgy51wabHZcpz3zt2ip0CQQDMMoYj8s3ld6Kk1CqVzMIhWZLrpeBVOZqDlavrrXA/kq2zGYW4c6bi9vnSSxjV2a4BJg6BoxWrjDC8NCJjIsjzAkEAyU5ygn2KeAWZ0L2cd4DKiK1mhth6LoR2wv9ibpI+CQ4oghhz3tV6/cA0f0skm/W9VfGCV5AX4toTNqbmTquRFwJAGY/Jkv52H9+WEKQuoIn9U0dvSOh+6KxJV2eJGfugLZUjAWSUhL6ViZv5MgYMmdiiG6qz7i6IK+1kvGqaU2arWQJACbf710jwUnMSxf0hfLN/E7IrbP8uhuhmQ2vI+MWesRk5424CyhNMaMvKvQqHre/jQC70t/2A6bbVjqHoJIwr6QJAIr+I8JC/tneOZ1z2RaeMt0N2Ac5mmDrbO2PxjiF9/Y5yb5y/3EmNF/9yNMDouZlejmYQbHF4QyKFcQPr7G46ow==";
	public static String publicKey = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCgkj4Nrh7iv9liXQAFuqnuxNFlLBW4X0nF0gH1pHXGUZHN+A+UmN1YUpdnsKQAyy9jUc16jwWWQ7oDTSvHkAyIBYMYWyVE/5MDvoUVvqRz4qnszVdzbEyxyGJTihga+4f+FDcMiOMarP1u4aBl46Qv5pZ2bXj2/ShTbRcF4EKw1QIDAQAB";

	/**
	 * 
	 * @param param 待签名数据
	 * @return
	 * @throws Exception
	 */
	public String signWhole(String param) throws Exception {
		// 使用私钥加签
		byte[] signature = null;
		try {
			// 获取privatekey
			byte[] keyByte = Base64Utils.decode(privateKey);
			KeyFactory keyfactory = KeyFactory.getInstance("RSA");
			PKCS8EncodedKeySpec encoderule = new PKCS8EncodedKeySpec(keyByte);
			PrivateKey privatekey = keyfactory.generatePrivate(encoderule);

			// 用私钥给入参加签
			Signature sign = Signature.getInstance("SHA1WithRSA");
			sign.initSign(privatekey);
			sign.update(param.getBytes());

			signature = sign.sign();

		} catch (Exception e) {
			e.printStackTrace();
		} 
		// 将加签后的入参转成16进制
		String terminal = Hex.bytesToHexString(signature);
		return terminal;
	}

	/**
	 * 待验证数据
	 * 
	 * @param param     原始数据
	 * @param signature 签名数据
	 * @return
	 * @throws Exception
	 */
	public boolean verifyWhole(String param, String signature) throws Exception {
		try {
			// 获取公钥
			KeyFactory keyFactory = KeyFactory.getInstance("RSA");
			byte[] keyByte = Base64Utils.decode(publicKey);
			X509EncodedKeySpec encodeRule = new X509EncodedKeySpec(keyByte);
			PublicKey publicKey = keyFactory.generatePublic(encodeRule);

			// 用获取到的公钥对 入参中未加签参数param 与 入参中的加签之后的参数signature 进行验签
			Signature sign = Signature.getInstance("SHA1WithRSA");
			sign.initVerify(publicKey);
			sign.update(param.getBytes());

			// 将16进制码转成字符数组
			byte[] hexByte = Hex.hexStringToBytes(signature);
			// 验证签名
			return sign.verify(hexByte);

		} catch (Exception e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		}
		return false;
	}

}